<?php
class Message{
	static function get($db="",$name="",$field="*",$where=""){
		try{
			$sql = "SELECT ".$field." FROM `message`";
			$id = $_SESSION['user']['id'];
			if($where!=""){
				$sql.=" WHERE ".$where;
			}else if($name!=""){
				$sql.=" WHERE `title`='".$name."'";
			}else if($id>=0){
				$sql.=" WHERE `from`='".$id."'";
			}
			return DB::query($sql);
		} catch(PDOException $e) {
			$data['msg'] = "Error: " . $e -> errorInfo() . " sql: " . $sql;
			$data['state'] = false;
			echo json_encode($data);
		}
	}
	
	static function set($db="",$data,$name=""){
		try{
			$sql  	= "update `message` set ";
			$comma	= "";
			$where 	= "";
			$id = $_SESSION['user']['id'];
			if($name!=""){
				$where = " WHERE `title`='".$name."'";
			}else if($id>=0){
				$where = " WHERE `from`='".$id."'";
			}else{
				return false;
			}
			if(empty($data))return false;
			foreach ($data as $field => $value) {
				if(!empty($value)||$value==""){
					$sql.=$comma." `".$field."`='".$value."'";
					$comma = ",";
				}
			}
			$sql.=$where;
			DB::exec_($sql);
			return true;
		} catch(PDOException $e) {
			$data['msg'] = "Error: " . $e -> errorInfo() . " sql: " . $sql;
			$data['state'] = false;
			echo json_encode($data);
			return false;
		}
	}

}
?>